"Stop the apocalyptic rhetoric.
The alarmist scenarios dominating policy discourse may be good for
the cybersecurity-industrial complex, but they aren’t doing real
security any favors," write former Reason intern
Tate Watkins and Mercatus' Jerry
Brito today at
Wired.
The dynamic duo—who have
debunked the cybersecurity threat in Reason's pages as well—lay
out the mechanism whereby threats of cyber war are systematically
inflated by the devout fearful and those who stand to gain—panicked
Internet Baptists and their military-industrial-complex bootlegger
buddies:
Rhetoric about cyber catastrophe resembles threat inflation we
saw in the run-up to the Iraq War...The media may be contributing to threat inflation today by
uncritically reporting alarmist views of potential cyber threats.
For example, a 2009 front page Wall Street
Journal story reported
that the U.S. power grid had been penetrated by Chinese and Russian
hackers and laced with logic bombs. The article is often cited as
evidence that the power grid is rigged to blow.Yet similar to Judith Miller’s Iraq WMD reporting, the only
sources for the article’s claim that infrastructure has been
compromised are anonymous U.S. intelligence officials. With little
specificity about the alleged infiltrations, readers are left with
no way to verify the claims. More alarmingly, when Sen. Susan
Collins (R-Maine) took to the Senate floor to introduce the
comprehensive cybersecurity bill that she co-authored with Sen. Joe
Lieberman (I-Conn.), the evidence she cited to support a pressing
need for regulation included this very Wall Street
Journal story.
And now, some alarming large numbers in a paragraph studded with
the names of defense contractors:
The U.S. government is expected to spend $10.5 billion a year on
information security by 2015, and analysts have estimated the
worldwide market to be as much as $140 billion a year. The Defense
Department has said it is seeking more than $3.2 billion in
cybersecurity funding for 2012. Lockheed Martin, Boeing, L-3
Communications, SAIC, and BAE Systems have all launched
cybersecurity divisions in recent years.
Check out the smartypants academic version of
Watkins and Brito's report.
Read
lots more skeptical approaches to cyber war (plus a great deal
of hate for the word cyber in any context).